Image forming apparatus performing control of browsing of a file by a terminal, terminal, file browsing control system, image forming method, and recording medium

ABSTRACT

There is provided an image forming apparatus that eliminates the need for separately preparing an encrypted file for each user. To achieve this, the image forming apparatus performs control of browsing of a browsing file that is browsed at a terminal. The document acquisition portion of the image forming apparatus acquires document data. The document encryption portion encrypts the document data with a public key as the browsing file. The position information setting portion sets position information to permit browsing of the browsing file encrypted by the document encryption portion in a viewer for causing the browsing file to be browsed at the terminal. In the case where it has been determined that the position information coincides with a current position, a browsing execution portion at the terminal uses a secret key to decrypt the browsing file for causing it to be browsed.

INCORPORATION BY REFERENCE

This application is based on and claims the benefit of priority fromJapanese Patent Application No. 2013-114935 filed on May 31, 2013, thecontents of which are hereby incorporated by reference.

BACKGROUND

The present disclosure relates to an image forming apparatus, aterminal, a file browsing control system, an image forming method, and arecording medium, and particularly to an image forming apparatus, aterminal, a file browsing control system, an image forming method, and arecording medium for causing an encrypted file to be browsed.

A typical image forming apparatus, such as a multifunctional peripheral(MFP), can print a document or an image.

Further, in recent years, there has been available a technique for afile browsing control system that performs control of access todocuments, and the like, which have been digitized and accumulated asfiles. In such a file browsing control system, a dedicated browsingterminal causes a file subjected to encryption, or the like, to bebrowsed.

In such a file browsing control system, even if there has occurred anoutflow or illegal copy of a file, or the like, browsing can beinhibited to make it impossible to display the file, and so on, wherebythe security can be enhanced.

SUMMARY

The image forming apparatus of the present disclosure is an imageforming apparatus that performs control of browsing of a file with aterminal. An encryption portion encrypts the file with a public key. Abrowsing permitting position information setting portion sets positioninformation, which is to permit browsing of the file encrypted by theencryption portion, in a viewer for causing the file to be browsed atthe terminal.

The terminal of the present disclosure is a terminal for browsing a fileencrypted by the image forming apparatus. A position information storageunit stores position information to permit browsing of the file. Aposition information determination portion determines whether or not theposition information stored in the position information storage unitcoincide with a current position. Upon the position informationdetermination portion having determined that the position informationincluded in a viewer coincides with a current position, a browsingexecution portion uses the viewer stored in the position informationstorage unit to decrypt the file for causing it to be browsed.

The file browsing control system of the present disclosure is a filebrowsing control system that performs control of browsing of a file withthe image forming apparatus and the terminal. The encryption portion ofthe image forming apparatus encrypts the file with a public key. Thebrowsing permitting position information setting portion of the imageforming apparatus sets position information, which is to permit browsingof the file encrypted by the encryption portion, in a viewer for causingthe file to be browsed at the terminal. The position information storageunit of the terminal stores the position information set in the viewerby the browsing permitting position information setting portion. Theposition information determination portion of the terminal determineswhether or not the position information included in the viewer stored inthe position information storage unit coincides with a current position.Upon the position information determination portion having determinedthat the position information included in the viewer coincides with acurrent position, the browsing execution portion of the terminal usesthe viewer stored in the position information storage unit to decryptthe file for causing it to be browsed.

The image forming method of the present disclosure is an image formingmethod by an image forming apparatus that performs control of browsingof a file with a terminal. With this method, the file is encrypted witha public key, and position information to permit browsing of the fileencrypted is set in a viewer for causing the file to be browsed at theterminal.

The recording medium of the present disclosure is a recording mediumthat is non-transitory and stores a program for implementing an imageforming method that is executed by an image forming apparatus thatperforms control of browsing of a file with a terminal is recorded. Theprogram encrypts the file with a public key, and sets positioninformation to permit browsing of the file encrypted in a viewer forcausing the file to be browsed at the terminal.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram illustrating an internal configuration ofan image forming apparatus according to an embodiment of the presentdisclosure;

FIG. 2 is a block diagram illustrating a control configuration of theimage forming apparatus and the terminal according to the embodiment ofthe present disclosure;

FIG. 3A is a block diagram illustrating the details of the functionalconfiguration and data of the image forming apparatus according to theembodiment of the present disclosure;

FIG. 3B is a block diagram illustrating the details of the functionalconfiguration and data of the terminal according to the embodiment ofthe present disclosure;

FIG. 4 is a flowchart of browsing file preparation process according tothe embodiment of the present disclosure;

FIG. 5 is a conceptual drawing illustrating the relationship among therespective files resulting from the browsing file preparation processaccording to the embodiment of the present disclosure;

FIG. 6 is a flowchart of file browsing process according to theembodiment of the present disclosure;

FIG. 7 is an example of screen for dialog display process according tothe embodiment of the present disclosure;

FIG. 8 is a conceptual drawing for file decryption process according tothe embodiment of the present disclosure; and

FIG. 9 is an example of screen for file display process according to theembodiment of the present disclosure.

DETAILED DESCRIPTION

<Embodiment>

[Configuration of Image Forming Apparatus 1]

Next, with reference to FIG. 1, a configuration of an image formingapparatus 1 according to an embodiment of the present disclosure will beexplained in detail.

Referring to FIG. 1, the image forming apparatus 1 of the presentembodiment includes a document reading unit 2, a document feeding unit3, a main unit 4, a stack tray 5, an operation panel unit 6, and arecording medium connection unit 63.

The document reading unit 2 is disposed on top of the main unit 4, andthe document feeding unit 3 is disposed on top of the document readingunit 2. The stack tray 5 is disposed on the side of a delivery port 41for recording sheets that is formed in the main unit 4, and theoperation panel unit 6 is disposed on the front side of the imageforming apparatus 1.

The document reading unit 2 includes a scanner 21, a platen glass 22,and a document reading slit 23. The scanner 21 is constituted by anexposure lamp, an imaging sensor, and the like, being configured to bemovable in a direction of conveyance of a document by the documentfeeding unit 3.

The platen glass 22 is a document table formed of a transparentmaterial, such as a glass. The document reading slit 23 has a slit thatis formed in a direction orthogonal to the direction of conveyance of adocument by the document feeding unit 3.

The document reading unit 2 can automatically recognize the size of adocument sheet by sheet, reading an image within the range of that size.

When the scanner 21 is to read a document placed on the platen glass 22,it is moved to a position opposed to the platen glass 22, and reads thedocument placed on the platen glass 22 while scanning the document foracquiring image data, outputting the acquired image data to the mainunit 4.

Further, when the scanner 21 is to read a document carried by thedocument feeding unit 3, the scanner 21 is moved to a position opposedto the document reading slit 23. And the scanner 21 reads the documentthrough the document reading slit 23 in synchronization with thedocument carrying operation of the document feeding unit 3 for acquiringimage data, outputting the acquired image data to the main unit 4.

The document feeding unit 3 includes a document mounting unit 31, adocument discharge unit 32, and a document carrying mechanism 33. Thedocuments placed in the document mounting unit 31 are fed in turn sheetby sheet by the document carrying mechanism 33. The documents arecarried to a position opposed to the document reading slit 23, andthereafter are discharged into the document discharge unit 32. Thedocument feeding unit 3 is configured to be tiltable, and by bringingthe document feeding unit 3 upward, the top face of the platen glass 22can be opened.

The main unit 4 includes an image forming unit 7, and also includes apaper feeding unit 42, a paper carrying passage 43, conveyance rollers44, and discharge rollers 45. The paper feeding unit 42 includes a paperfeeding cassette 421, and a feed roller 422. In order to store recordingsheets that are different in size or orientation, respectively, thereare provided a plurality of paper feeding cassettes 421. The feed roller422 feeds the recording sheets one by one from the paper feedingcassette 421 to the paper carrying passage 43.

The feed roller 422, the conveyance rollers 44, and the dischargerollers 45 function as a conveyance unit. The recording sheet isconveyed by this conveyance unit. The recording sheet fed by the feedroller 422 into the paper carrying passage 43 is conveyed by theconveyance rollers 44 into the image forming unit 7.

And, the recording sheet provided with a record by the image formingunit 7 is discharged into the stack tray 5 by the discharge rollers 45.

The operation panel unit 6 includes a display unit; a start key; tenkeys; buttons for selecting an operation mode, such as copying,facsimile transmission, and scanner; buttons or a touch panel for givingan instruction related to execution of a job, such as printing,transmission, saving, or recording of the selected document, and thelike.

The operation panel unit 6 acquires instructions given by the user forvarious jobs to be made by the image forming apparatus 1. The operationpanel unit 6 can also receive or modify a particular user's informationin an account setting 90 on the basis of an instruction given by theuser to the operation panel unit 6.

The recording medium connection unit 63 is a reader/writer, or the like,which is connected to a recording medium 100. The recording mediumconnection unit 63 may be connected to the recording medium 100 or aparticular piece of equipment by wireless or optical connection, or maybe wired-connected thereto with direct contact between terminals. In thecase where the recording medium connection unit 63 is to bewired-connected, it includes terminals, connectors, and the like, forperforming reading and writing the recording medium 100.

Further, the recording medium connection unit 63 controls access to therecording medium 100, and controls communications with another terminal.

The recording medium 100 connected to the recording medium connectionunit 63 functions in the same manner as a storage unit 9 (see FIG. 2).

The recording medium 100 is a particular piece of equipment, or thelike, incorporating a recording medium.

The recording medium 100 stores image data scanned by the image formingapparatus 1, or another terminal (not shown), information for use inuser authentication, and the like, and other document data, and thelike.

Further, the recording medium 100 is also capable of storing a viewer 97(FIGS. 3A and 3B) in which a browsing file 96, a secret key 191, andposition information 192 are set, as described later.

The image forming unit 7 includes a photosensitive drum 71, an exposureunit 72, a developing unit 73, a transfer unit 74, and a fixing unit 75.

The exposure unit 72 is an optical unit, and exposes the photosensitivedrum 71 to form an electrostatic latent image on the surface of thephotosensitive drum 71 on the basis of the image data.

The developing unit 73 is a developing unit that uses toner fordeveloping the electrostatic latent image formed on the photosensitivedrum 71, and causes a toner image to be formed on the photosensitivedrum 71 on the basis of the electrostatic latent image. The transferunit 74 causes the toner image formed on the photosensitive drum 71 bythe developing unit 73 to be transferred onto the recording sheet. Thefixing unit 75 causes the toner image to be fixed on the recording sheetby heating the recording sheet onto which the toner image has beentransferred by the transfer unit 74.

[Configuration of File Browsing Control System]

In FIG. 2, there is given a block diagram illustrating a schematiccontrol configuration of a file browsing control system that uses theimage forming apparatus 1 and a terminal 200 to perform control ofbrowsing a file.

{Configuration of Image Forming Apparatus 1}

In the image forming apparatus 1, the document reading unit 2, thedocument feeding unit 3, the conveyance unit (the feed roller 422, theconveyance rollers 44, and the discharge rollers 45), the operationpanel unit 6, and the image forming unit 7 of the image formingapparatus 1 are connected to the control unit 8 to beoperation-controlled by the control unit 8. Further, to the control unit8, a storage unit 9, an image processing unit 10, a networktransmission/reception unit 12, and the like, are connected.

The control unit 8 is an information processing unit. The control unit 8and the image processing unit 10 read a control program stored, and byexecuting this control program, performs control of the entire apparatusin response to predetermined instruction information inputted from theoperation panel unit 6.

Further, the control unit 8 includes a document browsing control unit 81(an encryption portion, a browsing permitting position informationsetting portion, and a secret key setting portion). The documentbrowsing control unit 81 is implemented by the control unit 8 executinga program stored in the storage unit 9. The details of the functionconfiguration of the document browsing control unit 81 will be describedlater.

The storage unit 9 is a storage unit that uses a recording medium thatis non-transitory. The storage unit 9 stores image data that has beenscanned by the document reading unit 2; image data that has beenimage-processed by the image processing unit 10; print document datathat has been transmitted from the user's terminal; various files thathave been read from the recording medium 100; thumbnail image data; acontrol program for performing operation control of the image formingapparatus 1, and the like. The storage unit 9 may contain an area for asaving folder for each user. The details of data to be stored in thestorage unit 9 will be described later.

The image processing unit 10 is a control arithmetic unit for imageprocesses. The image processing unit 10 performs various imageprocesses, such as enlargement/reduction process, density adjustment,gradation adjustment, and image improvement process.

The image processing unit 10 converts an image read by the documentreading unit 2 to data, such as a file, before storing it in the storageunit 9 as document data 95.

The network transmission/reception unit 12 is a network connectiondevice for connecting the image forming apparatus 1 to a network 150.

The network transmission/reception unit 12 transmits/receives data witha data communication channel, while transmitting/receiving an audiosignal with an audio telephone line.

Further, the image forming apparatus 1 is connected to the terminal 200through the network transmission/reception unit 12. The image formingapparatus 1 and the terminal 200 constitutes a file browsing controlsystem.

In the image forming apparatus 1, the control unit 8 and the imageprocessing unit 10 may be integrally formed like a CPU containing GPU,or the like, or a chip-on-module package.

Further, the image forming apparatus 1 may include a facsimiletransmission/reception unit for performing facsimiletransmission/reception.

Further, the control unit 8 may store a control program for performingoperation control of the image forming apparatus 1 in an ROM, or thelike.

{Configuration of Terminal 200}

The terminal 200 includes a network transmission/reception unit 220, anI/O unit 230, a GPS reception unit 240 (a current position acquisitionunit), an input unit 250, a display unit 260, a control unit 280, astorage unit 290 (a position information storage unit and a viewerstorage unit).

The network transmission/reception unit 220 is a transmission/receptiondevice for connecting the terminal 200 to the network 150. The terminal200 is capable of transmitting/receiving a document data 95 (FIG. 3), abrowsing file 96, a viewer 97, a user ID or password for login, and thelike, through the network transmission/reception unit 220.

The network transmission/reception unit 220 may be connected to anexternal hub or router, or the like, and therethrough connected to thenetwork 150.

The I/O unit 230 is a constitutional portion that provides an interfacefor connection to various pieces of peripheral equipment. The I/O unit230 is connected to the input unit 250 and the display unit 260.

Further, like the recording medium connection unit 63 in the imageforming apparatus 1, the I/O unit 230 is capable of connecting therecording medium 100 for reading and writing data.

The GPS reception unit 240 is a position information acquisition unitthat includes a receiver and an antenna for the GPS (Global PositioningSystem), a gyro sensor, and the like. The GPS reception unit 240 mayacquire a signal, such as a GPS repeater, in addition to various GPSsignals. Further, the GPS reception unit 240 may acquire a positionalsignal by a radio wave of a portable network, or the like.

The GPS reception unit 240 is capable of calculating a current positionof the terminal 200, using such a signal received, the address on thenetwork, and the like.

The input unit 250 inputs information, such as various settings, anduser authentication.

The display unit 260 is capable of making a screen display for drawingfor an application, security setting, and the like.

The control unit 280 is a device having an arithmetic/controlcapability. The control unit 280 executes each program stored in thestorage unit 290, using a hardware resource.

Further, the control unit 280 includes a document browsing unit 210 (aposition information determination portion, and a browsing executionportion). The detailed configuration of the document browsing unit 210will be described later. The document browsing unit 210 is implementedby the control unit 280 executing a program stored in the storage unit290.

The storage unit 290 is a storage device. The storage unit 290 storesvarious programs and document data for browsing for causing the terminal200 to function as a terminal for document browsing. The details ofthese programs and data will be described later.

Further, the storage unit 290 also stores an OS (Operating System)including a GUI (Graphical User Interface), various applicationsoftwares (hereinafter to be called applications), other programs anddata, and the like. These programs and data can be read for execution,and written by the control unit 280. In other words, the storage unit290 can also once store printing data prepared by the document browsingunit 210. The terminal 200 can also transmit this printing data to theimage forming apparatus 1 as the document data 95.

{Details of Function Configurations and Data of Image Forming Apparatus1 and Terminal 200}

Here, with reference to FIG. 3A and FIG. 3B, the details of the functionconfigurations and data of the image forming apparatus 1 and theterminal 200 will be explained.

The image forming apparatus 1 and the terminal 200 encrypt the documentdata 95 with a public key 190 to prepare a browsing file 96 such that itcannot be browsed in an ordinary manner.

In order to browse this browsing file 96, the terminal 200 must beexecute a dedicated viewer 97. The viewer 97 includes a secret key 191for decrypting the browsing file 96 that has been encrypted by thepublic key 190.

FIG. 3A and FIG. 3B show a configuration of the image forming apparatus1 and the terminal 200 after the browsing file 96 and the set viewer 97having been transmitted by the later described process to the terminal200.

Referring to FIG. 3A, the document browsing control unit 81 in thecontrol unit 8 of the image forming apparatus 1 includes a userauthentication portion 82, a document acquisition portion 83, a documentencryption portion 84 (an encryption portion), a secret key settingportion 85, a position information setting portion 86 (a browsingpermitting position information setting portion), and a file viewertransmission portion 87 (a file transmission portion and a viewertransmission portion). Further, the storage unit 9 of the image formingapparatus 1 stores the account setting 90, the key information 91 (thepublic key 190 and the secret key 191), the base position data 92(position information), the document data 95, the browsing file 96, andthe viewer 97.

Referring to FIG. 3B, the document browsing unit 210 of the terminal 200includes a file viewer acquisition portion 211 (a file acquisitionportion and a viewer acquisition portion), a position informationdetermination portion 212 (a position information determinationportion), a browsing execution portion 213 (a browsing executionportion), and a viewer setting change portion 214 (a viewer settingchange portion). Further, the storage unit 290 (the viewer storage unit)of the terminal 200 stores the browsing file 96 and the viewer 97 thathave been acquired from the image forming apparatus 1. The viewer 97 maybe separately installed in the terminal 200.

(Configuration of Document Browsing Control Unit 81)

The user authentication portion 82 references the account setting 90 forperforming user authentication. The user authentication portion 82receives the user ID and the password inputted from the operation panelunit 6 or the terminal 200, and reads the account setting 90 forperforming comparison and authentication.

The document acquisition portion 83 saves the image data read by thedocument reading unit 2 in the storage unit 9 as the document data 95.Further, the document acquisition portion 83 may prepare the documentdata 95 from the printing data, and the like, transmitted from theterminal 200 or another terminal (not shown). Further, the documentacquisition portion 83 may acquire the document data 95 from therecording medium 100, the terminal 200, the user saving folder (notshown) in the storage unit 9, and the like, to store it in the storageunit 9.

The document encryption portion 84 encrypts the document data 95 withthe public key 190 included in the key information 91 to prepare thebrowsing file 96. Since the document data 95 is encrypted with thepublic key 190, this public key 190 may be transmitted to the terminal200 or another terminal, a server, or the like, (not shown), forencrypting it in such a piece of equipment.

The secret key setting portion 85 sets the secret key 191 for decryptingthe browsing file 96 in the viewer 97 stored in the storage unit 9. Thissecret key 191 is also included in the key information 91.

The position information setting portion 86 sets the positioninformation 192, which is to permit browsing of the browsing file 96encrypted by the document encryption portion 84, in the viewer 97. Theposition information 192 is set on the basis of the base position data92.

The file viewer transmission portion 87 transmits prepared browsing file96 and the viewer 97 in which the secret key 191 and the positioninformation 192 are set, to the terminal 200, or writes them to therecording medium 100.

(Configuration of Storage Unit 9)

The account setting 90 is a database including attribute information,such as the user ID (the user name), the password, the authorityinformation, the IP address of the terminal 200, and the mail address,for each user account. The user ID and the password in the accountsetting 90 are used for login to the image forming apparatus 1. Theauthority information in the account setting 90 includes informationabout authority of handling, such as printing, transmission or browsing,of a highly confidential, browsing-controlled document, in other words,information about the type of a “general user” or “authorized user”. Theaccount setting 90 is registered with the use of various pieces ofinformation that are inputted by the user from the operation panel unit6 or the terminal 200.

The key information 91 includes the public key 190 for encrypting thebrowsing file 96, and the secret key 191 for decrypting the browsingfile 96. For each user, a separate piece of key information 91 may beincluded. Further, the key information 91 may be acquired from theterminal 200. Further, the key information 91 may be prepared on thebasis of the user password, or the like, in the account setting 90.Further, the key information 91 may include data, such as theinstallation location (the position) of the image forming apparatus 1,and the manufacturing number and ID thereof.

The base position data 92 includes the position where the image formingapparatus 1 is installed, the position where to permit browsing of thebrowsing file 96 for respective user authorities, and the like. On thebasis of this base position data 92, the position information 192 is setin the viewer 97.

The document data 95 is data of the document acquired by the documentacquisition portion 83. The document data 95 includes character data,image data, and other types of data. The document data 95 may be imagedata that has been read by the document reading unit 2 and subjected toimage process by the image processing unit 10. In addition, the documentdata 95 may be data that has already been converted into a prescribedformat by the image processing unit 10 or the control unit 8. Further,the document data 95 may be data prepared by reading map or documentdata, image data, or the like, stored in the recording medium 100 thathas been brought about by the user and connected to the recording mediumconnection unit 63.

The browsing file 96 is a file of the document data 95 that has beenprepared, being encrypted by the document encryption portion 84. Thebrowsing file 96 is decrypted by the viewer 97 in the terminal 200 to beprovided for browsing.

The viewer 97 is a file viewer program, or the like, for allowing thebrowsing file 96 to be browsed with the terminal 200. In the presentembodiment, the viewer 97 is transmitted from the image formingapparatus 1 to the terminal 200, stored in the storage unit 290 of theterminal 200, and executed by the browsing execution portion 213 of thedocument browsing unit 210 of the terminal 200. The viewer 97 may beconfigured so as to be executable also in the image forming apparatus 1.Further, the viewer 97 may be installed by causing the terminal 200 toread the recording medium. Even in this case, the secret key 191 and theposition information 192 are set with the image forming apparatus 1.

The public key 190 and the secret key 191 provide a public key/secretkey pair, or the like, for encoding (encrypting) and decrypting with ahash function, or the like.

The position information 192 is data including the coordinate data, suchas the latitude or longitude that is acquirable with a GPS, thealtitude, or the like; the positional data that is acquirable with aportable telephone network; and the positional information, such as theaddress data, the name of the area or that of the building, and the IPaddress of the image forming apparatus 1 on the network. In the positioninformation 192, a plurality of base positions where to permit browsingcan be set with the allowable range in which browsing is possible evenaway from such a position being able to be specified as a value of froma several ten meters to a several hundred meters, or a value like asubnet mask on the network of an IP address, respectively. The positioninformation 192 may also include setting information, such as thepermissible time of browsing by the viewer 97, the number of permissibletimes of browsing, the permissible date of browsing, and the deadline ofbrowsing, for each position.

(Configuration of Document Browsing Unit 210)

The file viewer acquisition portion 211 acquires the browsing file 96and the viewer 97 transmitted by the file viewer transmission portion87, and stores them in the storage unit 290. Further, the file vieweracquisition portion 211 is also capable of acquiring the browsing file96 and the viewer 97 that are recorded in the recording medium 100, andstoring or installing them into the storage unit 290.

The position information determination portion 212 determines whether ornot the position information 192 included in the viewer 97 stored in thestorage unit 290 coincides with a current position acquired from the GPSreception unit 240. At this time, the position information determinationportion 212 determines whether or not the current position is a positionwithin a prescribed allowable range in the position information 192.

In the case where the position information determination portion 212 hasdetermined that the position information 192 included in the viewer 97coincides with the current position, the browsing execution portion 213uses the secret key 191 included in the viewer 97 stored in the storageunit 290 to decrypt the browsing file 96 for causing it to be browsed.

[Browsing File Preparation Process by Image Forming Apparatus 1]

Here, with reference to FIG. 4 and FIG. 5, the browsing file preparationprocess with the image forming apparatus 1 according to the embodimentof the present disclosure will be explained.

In the browsing file preparation process, the document data 95 isencrypted mainly with the image forming apparatus 1 to prepare thebrowsing file 96. Thereafter, the secret key 191 and the positioninformation 192 are set in the viewer 97 for this browsing file 96 to betransmitted to the terminal 200.

In this browsing file preparation process, mainly the control unit 8executes the program stored in the storage unit 9 in cooperation witheach unit, using the hardware resource.

Hereinbelow, with reference to a flow chart in FIG. 4, the outline ofthe browsing file preparation process will be explained for each step.

(Step S101)

First, the document browsing control unit 81 uses the userauthentication portion 82 to perform user authentication process.

The document browsing control unit 81 receives an instruction forpreparing a file browsable with the viewer 97 from the operation panelunit 6. Then, the document browsing control unit 81 displays a dialogfor requesting inputting of the user ID and the password, and the like,on the display unit of the operation panel unit 6. Upon the ID and thepassword being acquired, the document browsing control unit 81 reads theaccount setting 90 for comparison.

The document browsing control unit 81 may perform authentication bymeans of the recording medium 100, such as an IC card in which the userID information is stored, a biometric authentication sensor (not shown),or the like.

Further, the document browsing control unit 81 may cause the displayunit 260 of the terminal 200 to display a dialog, or the like. Thereby,the document browsing control unit 81 may acquire the ID or passwordfrom the user through the network 150 for performing authentication.

(Step S102)

Next, the document browsing control unit 81 uses the user authenticationportion 82 to determine whether the user concerned is an authorizeduser. In the case where the user ID and the password coincide with thosestored in the account setting 90, the document browsing control unit 81reads the authority information in the account setting 90 for the userthat has been acquired. And, in the case where the user concerned is anauthorized user, the document browsing control unit 81 makes adetermination of Yes. In any other cases, the document browsing controlunit 81 makes a determination of No.

If Yes is given, document browsing control unit 81 advances the processto Step S103.

If No is given, the document browsing control unit 81 gives a display,such as “You have no permission for preparing a file to be browsed withviewer”, on the display unit of the operation panel unit 6, or the like,to terminate the browsing file preparation process.

(Step S103)

In the case where the user who has been authenticated is an authorizeduser, the document browsing control unit 81 uses the documentacquisition portion 83 to perform document data acquisition process.

The document browsing control unit 81 causes the document reading unit 2to read a document set by the user, for example, and saves the imagedata of the read document in the storage unit 9 as the document data 95.

Further, the document browsing control unit 81 may acquire PDL (PageDescription Language) data, or the like, from the terminal 200 oranother terminal (not shown), and prepare the document data 95 to saveit in the storage unit 9. This PDL data is prepared by applicationsoftware that is executed by the terminal 200 or another terminal, orthe like, and transmitted by the device driver in the image formingapparatus 1.

Further, the document browsing control unit 81 may acquire the documentdata 95 that already exists in the recording medium 100 connected to therecording medium connection unit 63 or the user saving folder (notshown) in the storage unit 9, or the like, and store it in the storageunit 9. Further, the document acquisition portion 83 may acquire thedocument data 95 that already exists, from the saving folder (not shown)in the terminal 200 or another terminal, and store it in the storageunit 9.

The document browsing control unit 81 may acquire the document data 95from another image forming apparatus 1 or another server (not shown)through the network 150. Further, the document browsing control unit 81may acquire a document, or the like, received by facsimile as thedocument data 95.

(Step S104)

Next, the document browsing control unit 81 uses the document encryptionportion 84 to perform document encryption process.

Referring to FIG. 5, the document browsing control unit 81 encrypts thedocument data 95 stored in the storage unit 9 with the public key 190 inthe key information 91, using a hash function, or the like.

The document browsing control unit 81 stores the encrypted document data95 in the storage unit 9 as the browsing file 96. At this time, in thepresent embodiment, the position information 192 is not caused to beincluded in the browsing file 96 itself.

(Step S105)

Next, the document browsing control unit 81 uses the secret key settingportion 85 to perform secret key setting process.

The document browsing control unit 81 sets the secret key 191 includedin the key information 91 in the viewer 97 stored in the storage unit 9.In the case where the viewer 97 is executed at the terminal 200, thissecret key 191 can be used to decrypt the browsing file 96.

(Step S106)

Next, the document browsing control unit 81 uses the positioninformation setting portion 86 to perform viewer position informationsetting process.

The document browsing control unit 81 sets the position information 192in the viewer 97 on the basis of the user setting and the base positiondata 92. The document browsing control unit 81 sets the positioninformation 192 about the base (location or position) where to permitthe user to browse the browsing file 96 encrypted by the documentencryption portion 84.

The document browsing control unit 81 specifies the allowable range of,for example, a several ten meters to a several hundred meters in radiusout of the base position data 92 for the position where the imageforming apparatus 1 is installed, or the like, and sets it in the viewer97 as the position information 192. Further, in indoors where theposition cannot be acquired by means of the GPS, the document browsingcontrol unit 81 may specify the allowable range on the basis of theradio wave information from the portable telephone network, and set itin the viewer 97 as the position information 192. Further, the documentbrowsing control unit 81 may set, in the viewer 97, a subnet mask on thenetwork, or the position information 192 about the allowable range, suchas that to permit browsing in the case where the current position is inthe same LAN as the image forming apparatus 1.

Further, the document browsing control unit 81 is capable of setting aplurality of positions where to permit browsing of the browsing file 96.The document browsing control unit 81 is capable of setting a pluralityof base positions, such as “headquarter”, “branch A”, and “branch B”, inthe viewer 97 as the position information 192. The document browsingcontrol unit 81 is also capable of setting the secret key 191 such thatit varies for each of the plurality of base positions.

Further, the document browsing control unit 81 is capable of setting anallowable range in accordance with the type of the viewer 97 or theauthority of the user caused to browse in the viewer 97 as the positioninformation 192. At this time, a plurality of viewers 97 may be preparedfor setting the position information 192 and the secret key 191 in therespective viewers 97.

For example, the document browsing control unit 81 can make suchsettings:

Viewer 97 for cooperative company: Browsable only at specific base

Viewer 97 for general partner: Browsable at any bases

Viewer 97 for senior management employee: Browsable at any location

Further, as the position information 192, the document browsing controlunit 81 is capable of setting such position information that can bespecified by using a specific key word, or the like, such as “insideShinkansen” or “National High Way Route No. - - - ”.

In this way, by setting the position information 192 and the secret key191 in the viewer 97, the browsing location for the browsing file 96 canbe flexibly set.

(Step S107)

Next, the document browsing control unit 81 uses the positioninformation setting portion 86 to perform setting process of viewerbrowsing deadline, etc.

The document browsing control unit 81 is capable of setting thepermissible time of browsing in the viewer 97 for each position. Inother words, the document browsing control unit 81 can be set such that,in a prescribed location, after the viewer 97 having been started at theterminal 200, browsing of the browsing file 96 is permitted only for abrowsing time that has been set.

Further, the document browsing control unit 81 may set the number ofpermissible times of browsing in the viewer 97. In other words, thedocument browsing control unit 81 can be set such that, at the terminal200, the viewer 97 can be started by the number of permissible times ofbrowsing. Likewise, the document browsing control unit 81 may set thepermissible date of browsing, the deadline of browsing, or the like. Inother words, the document browsing control unit 81 can be set such that,if the terminal 200 is in a particular position, and the browsing timeof day or period is not the permitted one for that position, the viewer97 cannot be started.

The document browsing control unit 81 can set the browsing time, thenumber of permissible times of browsing, the permissible date ofbrowsing, the deadline of browsing, and the like, including these in theposition information 192.

As described later, the document browsing control unit 81 allows thesettings of the secret key 191 and the viewer 97 to be changed from theoperation panel unit 6 or the terminal 200.

(Step S108)

Next, the document browsing control unit 81 uses the file viewertransmission portion 87 to perform file viewer transmission process.

The document browsing control unit 81 transmits the viewer 97 in whichthe position information 192 and the secret key 191 are set, and thebrowsing file 96 to the terminal 200. The document browsing unit 210 inthe terminal 200 acquires these by means of the file viewer acquisitionportion 211, and stores them in the storage unit 290.

Further, the document browsing control unit 81 is capable of writing theviewer 97 and the browsing file 96 to the recording medium 100 connectedto the recording medium connection unit 63 to store them therein. Thefile viewer acquisition portion 211 in the terminal 200 can also acquirethe viewer 97 and the browsing file 96 stored in the recording medium100.

By the above way, the browsing file preparation process according to theembodiment of the present disclosure is terminated.

[File Browsing Process by Terminal 200]

Next, with reference to FIG. 6 to FIG. 9, the details of file browsingprocess by the terminal 200 will be explained.

By the above browsing file preparation process, the terminal 200acquires the encrypted browsing file 96 and the viewer 97 from the imageforming apparatus 1, and stores them in the storage unit 290. In theviewer 97, there are set the secret key 191 and the position information192 for decrypting the browsing file 96.

With the file browsing process of the present embodiment, if the userinstructs the viewer 97 to start in this state, the following processwill be performed.

This file browsing process is performed mainly by the control unit 280executing the program stored in the storage unit 290 in cooperation witheach unit, using the hardware resource.

Hereinbelow, with reference to a flowchart in FIG. 6, the file browsingprocess will be explained in detail for each step.

(Step S201)

First, the document browsing unit 210 uses the position informationdetermination portion 212 to determine whether or not the positioninformation can be acquired. In the case where the GPS reception unit240 (FIG. 2) in the terminal 200 can be used, and the current positioncan be acquired, the document browsing unit 210 makes a determination ofYes. In any other cases, the document browsing unit 210 makes adetermination of No. Further, in the case where, in the viewer 97, thenumber of permissible times of browsing, the deadline of browsing, thepermissible time of day of browsing, and the like, are set, and thesebrowsing conditions are not met, the document browsing unit 210 makes adetermination of No. In other words, in such a case as that where thenumber of times of browsing exceeds the permissible value, or thebrowsing time of day or period is not the permitted one, the documentbrowsing unit 210 makes a determination of No. Further, also in the casewhere, in the first place, neither the secret key 191 nor the positioninformation 192 is set in the viewer 97, the document browsing unit 210makes a determination of No.

If Yes is given, the document browsing unit 210 advances the process toStep S202.

If No is given, the document browsing unit 210 advances the process toStep S204.

(Step S202)

Next, the document browsing unit 210 uses the position informationdetermination portion 212 to perform current position acquisitionprocess.

In this process, the document browsing unit 210 acquires the currentposition of the terminal 200 by means of the GPS reception unit 240.

The document browsing unit 210 may calculate the latitude and longitudeof the terminal 200 from a plurality of GPS satellites, or may useinformation of the base station of the portable telephone network, orthe like, to identify the current position. Further, the documentbrowsing unit 210 may identify the current position from the radio waveof the GPS repeater, or the like. In addition, the document browsingunit 210 may identify the indoor current position from the magnitude ofthe radio wave from an access point of a wireless LAN, or the like.Further, the document browsing unit 210 may use the value of a gyrosensor or atmospheric pressure sensor (not shown) for identifying thecurrent position more accurately.

Further, the document browsing unit 210 may identify the position on thenetwork in a specific LAN, or the like. At this time, the documentbrowsing unit 210 may specify the information of whether or not theimage forming apparatus 1 is on the same LAN as the terminal 200 as thecurrent position. The document browsing unit 210 may make broadcasting,or the like, to communicate with the image forming apparatus 1 forreferencing the manufacturing number, the ID, and the like, in the keyinformation 91, and the installation position, and the like, included inthe base position data 92 to identify the current position.

The document browsing unit 210 may cause the user to make the login tothe terminal 200, or the like, to check for whether or not the user isthe same one who is expected to use the viewer 97.

(Step S203)

Next, the document browsing unit 210 uses the position informationdetermination portion 212 to determine whether or not the browsinglocation coincides with the permitted one. The document browsing unit210 determines whether or not the position information 192 included inthe viewer 97 stored in the storage unit 290 coincides with the currentposition acquired from the GPS reception unit 240. At this time, in thecase where the current position acquired is a position within theallowable range of the position information 192, the document browsingunit 210 gives a determination of coincidence. In the case where thecurrent position acquired is a position within the allowable range ofthe position information 192, the document browsing unit 210 makes adetermination of Yes. In any other cases, the document browsing unit 210makes a determination of No.

If Yes is given, the document browsing unit 210 advances the process toStep S205.

If No is given, the document browsing unit 210 advances the process toStep S204.

(Step S204)

In such a case as that where the current position has not been acquired,the current position does not coincide with the browsing permittedlocation, or any other browsing condition is not met, the documentbrowsing unit 210 uses the position information determination portion212 to perform dialog display process.

Referring to FIG. 7, for example, in the case where the GPS function isoff, the document browsing unit 210 may give such a display of “Turn GPSon” as in a display example 500 to notify the user of the situation.Further, in the case where the current position does not coincide withthe browsing permitted location, the document browsing unit 210 maydisplay a dialog box giving a message “Position information error: Inthis location, browsing is impossible”, or the like, as in a displaycolumn 600. Further, also in the case where any other browsing conditionis not met, or neither the secret key 191 nor the position information192 is set, the document browsing unit 210 may give a display of thateffect.

Thereafter, the document browsing unit 210 advances the process to StepS208.

(Step S205)

In the case where the current position coincides with the browsingpermitted location, the document browsing unit 210 uses the browsingexecution portion 213 to perform file decryption process.

With reference to FIG. 8, the file decryption process will be explained.The document browsing unit 210 decrypts the browsing file 96 by means ofthe secret key 191 included in the viewer 97 stored in the storage unit290.

At this time, the document browsing unit 210 can successively read anddecrypt only the part of the browsing file 96 that has been displayed inthe display unit 260 of the terminal 200.

Further, the document browsing unit 210 may save the decrypted data ofthe browsing file 96 in the protected storage area of the storage unit290. Thereby, only the viewer 97 can read the decrypted data.

(Step S206)

Next, the document browsing unit 210 uses the browsing execution portion213 to perform file display process.

Referring to FIG. 9, such a window as a display column 610 is displayedin a screen, such as that in a display example 501, for displaying thedecrypted data of the browsing file 96. At this time, in the case wherethe browsing file 96 is to be successively decrypted, the documentbrowsing unit 210 acquires the user's instruction at the input unit 250,and successively reads the browsing file 96 for display in response tothe user depressing the scroll bar, or the like.

The document browsing unit 210 may perform printing,facsimile-transmitting, saving in the recording medium 100,file-transmitting, or the like, of the decrypted data of the browsingfile 96 at the image forming apparatus 1.

Further, the document browsing unit 210 may transmit that the user ismaking browsing to the image forming apparatus 1 in order to cause it tomonitor the situation.

(Step S207)

Next, the document browsing unit 210 uses the browsing execution portion213 to determine whether or not an instruction for terminating thebrowsing has been given by the user. In such a case as that where theuser has depressed a “terminate” button 710 in FIG. 9, has selected achoice of “terminate” from the file menu (not shown) for the viewer 97,or has depressed a button for closing the window of the viewer 97, thedocument browsing unit 210 makes a determination of Yes. Further, alsoin the case where a browsing permissible time has been set, and thebrowsing permissible time has elapsed from the start of the viewer 97,the document browsing unit 210 makes a determination of Yes. In anyother case, the document browsing unit 210 makes a determination of No.

If Yes is given, the document browsing unit 210 advances the process toStep S208.

If No is given, the document browsing unit 210 waits for a predeterminedtime period, and then returns the process to Step S201 to make the userto continue the browsing. This allows a process scheme that, duringbrowsing of a document, the current position of the terminal 200 isacquired at fixed intervals of time, and when the terminal 200 comes outof the area in which the browsing file 96 can be decrypted, the browsingfile 96 that is currently being browsed is closed.

(Step S208)

In the case where an instruction for terminating the browsing has beengiven by the user, the current position could not have been acquired, orthe current position of the terminal 200 has been shifted to a positionwhere browsing is not permitted, the document browsing unit 210 uses thebrowsing execution portion 213 to perform browsing termination process.

Then, the document browsing unit 210 closes the window of the viewer 97,and makes the other necessary operations. Thereafter, the documentbrowsing unit 210 deletes the decrypted data of the browsing file 96. Atthis time, the document browsing unit 210 may transmit that the browsinghas been terminated, to the image forming apparatus 1.

Further, in such a case as that where the number of permissible times ofbrowsing has been set, and the number of starts of the viewer 97 hasexceeded the number of permissible times of browsing, or where thedeadline of browsing has been exceeded, the document browsing unit 210may delete the secret key 191 or the viewer 97 itself from the storageunit 290 such that the viewer 97 cannot be started.

(Step S209)

Here, the document browsing unit 210 uses the viewer setting changeportion 214 to perform viewer setting change process.

The document browsing unit 210 is capable of changing the positioninformation 192 set in the viewer 97 after the browsing having beenterminated. This change may be performed from the input unit 250 of theterminal 200, from the operation panel unit 6 of the image formingapparatus 1 with the terminal 200 being connected to the image formingapparatus 1, or through the recording medium 100. This allows thesetting of the position information 192 of the viewer 97 to be changedfor flexibly changing the position where a confidential file is to bebrowsed.

The document browsing unit 210 may also change the position information192 by causing the user to make such an operation as inputting thepassword during the file display process. This allows the setting to bechanged such that even the viewer 97 for cooperative company can makebrowsing at the respective bases of, for example, “headquarter”, “branchA”, and “branch B”.

By the above way, the file browsing process according to the embodimentof the present disclosure terminated.

By configuring as above, the following advantages will be obtained.

The image forming apparatus 1 according to the embodiment of the presentdisclosure is an image forming apparatus featuring a file browsingcontrol system that performs control of browsing of the browsing file 96with the image forming apparatus 1 and the terminal 200. The imageforming apparatus 1 includes the document acquisition portion 83 foracquiring the document data 95; the document encryption portion 84 forencrypting the document data 95 as the browsing file 96 with the publickey 190; and the position information setting portion 86 for settingposition information in the viewer 97 to permit browsing of the browsingfile 96 encrypted by the document encryption portion 84 for causing thebrowsing file 96 to be browsed at the terminal 200, while the terminal200 includes the storage unit 290 for storing the viewer 97 includingthe secret key 191 for decrypting the browsing file 96 encrypted by thedocument encryption portion 84, and the position information 192 set bythe position information setting portion 86; the position informationdetermination portion 212 for determining whether or not the positioninformation 192 included in the viewer 97 stored in the storage unit 290coincides with a current position; and the browsing execution portion213 that, in the case where the position information determinationportion 212 has determined that the position information 192 included inthe viewer 97 coincides with the current position, uses the secret key191 included in the viewer 97 stored in the storage unit 290 to decryptthe browsing file 96 for causing it to be browsed.

By thus configuring, a current position of the terminal 200 can beacquired from the GPS reception unit 240, and in the case where thecurrent position of the terminal 200 is the location that has beenpreviously set in the position information 192 in the viewer 97, thesecret key 191 can be used to decrypt the document for making itbrowsable.

In other words, in the present embodiment, for the browsing file 96saved in the terminal 200, such a position information 192 as that, forexample, to permit the user to browse it in the office, but not permitthe user to browse it outside of the office, can be set in the viewer97. That is to say, it becomes possible to encrypt the document itself,limit the access thereto, and in the case where it has been determinedthat the user is in the office, decrypt the browsing file 96 forpermitting the user to brows it. This can prevent occurrence ofinformation leakage, and the like, resulting from the document beingbrought to outside of the office.

Further, the position information 192 to permit browsing of the browsingfile 96, such as an internal document, saved in the terminal 200 can bechanged under prescribed conditions. In other words, in the case wherethe position where to permit browsing is to be changed, simply byexchanging viewers 97, the encrypted browsing file 96 can be used as itis. In other words, the location where to permit browsing of a file canbe simply specified and changed.

Therefore, for a browsing-restricted file, such as an internal document,there is no need for separately preparing a file with which the positioninformation to permit browsing has been changed, every time inaccordance with the user being a partner or a person of a cooperativecompany, or the like, whereby labor saving can be achieved.

Further, since determination of the position information is performedwith the viewer 97, it is not required that the browsing location be setfor each particular document data 95, and delivery or distributionthereof can be performed by causing the browsing file 96 to bedownloaded from on the Internet, or the like.

Thereby, it becomes possible to easily handle the encrypted browsingfile 96, whereby the convenience of the user can be improved.

Further, as in the present embodiment, by setting the positioninformation 192 on the side of the viewer 97, it becomes possible tomanage the security by means of the viewer 97. Therefore, the need forthe authorized user performing detailed security settings, such as theposition information 192, in the browsing file 96 is eliminated, wherebythe possibility of occurrence of a wrong security setting can belowered.

Further, even if a wrong security setting has been caused, the problemcan be solved on the side of the viewer 97 by taking such a measure asupdating the viewer 97.

Further, in the present embodiment, even after the browsing file 96having been distributed, the security setting, such as the browsinglocation of the position information 192, can be changed.

Up to now, it has been substantially difficult to update the browsingfile 96 that has been already distributed. Contrarily to this, since theviewer 97 is set in each user's terminal 200, by updating the setting ofthe viewer 97, or providing an expiration date, or the like, thebrowsing file 96 can be forcedly subjected to periodical updating.Therefore, even after the browsing file 96 having been prepared, thelocation where to permit browsing thereof can be easily changed.

Further, with the file browsing control system of the presentembodiment, since the secret key 191 for decryption is set in the viewer97, the browsing file 96 can be browsed even in the environment in whichthe terminal 200 is not connected to the network 150, whereby theconvenience is enhanced.

Further, by browsing without connecting to the network 150, thepossibility of being subjected to an attack through the network 150, andthe like, can be minimized, whereby outflow of the key information canbe suppressed. Accordingly the security can be enhanced.

Further, with the file browsing control system of the presentembodiment, the browsing file 96 is encrypted with the public key 190,and by setting the secret key 191 in the viewer 97, the browsing file 96is encrypted and decrypted with different keys in the browsing file 96and the viewer 97.

Therefore, the risk of outflow of the secret key 191 to outside of theimage forming apparatus 1 and the terminal 200 is minimized, thereby thesecurity can be enhanced. Further, in the present embodiment, even ifthe browsing file 96 has been acquired, and the position information topermit browsing has been known, with them alone, the browsing file 96cannot be decrypted, whereby the security can be enhanced.

In the present embodiment, there may be a number of authorized users,preparing the browsing file 96 from the document data 95. Further, inthe present embodiment, since the public key 190 is used for encryption,even a general user can prepare the browsing file 96, thereby theconvenience can be enhanced.

Further, the image forming apparatus 1 of the present disclosureincludes the storage unit 9 for storing the viewer 97; the secret keysetting portion 85 for setting the secret key 191 for decrypting thebrowsing file 96 in the viewer 97 stored in the storage unit 9; and thefile viewer transmission portion 87 for transmitting, to the terminal200, the viewer 97 in which the secret key 191 has been set by thesecret key setting portion 85, and the browsing file 96.

By thus configuring, the viewer 97 itself in which the secret key 191has been set can be transmitted to the terminal 200. Thereby, the needfor delivering the secret key 191 itself from the image formingapparatus 1 to the terminal 200 is eliminated, and every time theposition information 192 is set, the secret key 191 can be updated,whereby the security can be improved.

Further, the terminal 200 of the present embodiment is configured suchthat it will not permit browsing in the event where a current positioncannot be acquired, whereby the security can be enhanced.

The terminal 200 of the present disclosure may be implemented by thedriver (driver software) of the terminal, such as a PC or a smart phone,or a dedicated application (application software).

Further, the present disclosure is also applicable to informationprocess apparatuses other than the image forming apparatus. In otherwords, the image forming apparatus may be configured to use a networkscanner, a server to which a scanner is separately connected with a USB,or the like.

Further, a configuration that transmits the browsing file 96 to theterminal 200 without encrypting it may be provided.

The configuration and operation of the above embodiment are examples,and of course it is possible to alter them as appropriate forimplementation within the scope of the gist of the present disclosurefor execution.

What is claimed is:
 1. A file browsing method that performs control ofbrowsing of a file with an image forming apparatus and a terminal, themethod comprising: via the image forming apparatus, determining whethera user of the image forming apparatus is an authorized user; encryptingthe file of the authorized user with a public key; storing a pluralityof viewers for causing the file to be browsed at the terminal, wherein:each of the plurality of viewers includes position information to permitbrowsing of said encrypted file and a secret key to decrypt theencrypted file, wherein the position information is not included in thefile; the position information of each of the plurality viewersincludes, in accordance with an authority of a user caused to browse atthe terminal and a type of the viewer, an allowable position or anallowable position range, the plurality of viewers including i) a firstviewer for a cooperative company having first position information,wherein the first position information allows the file to be browsableonly from a predefined location, ii) a second viewer for a generalpartner having second position information, wherein the second positioninformation allows the file to be browsable from any of a plurality ofpredefined locations, and iii) a third viewer for a senior managementemployee having third position information, wherein the third positioninformation allows the file to be browsable from any location; and thesecret keys vary for each of the plurality of viewers; setting, in eachof the plurality of viewers, the position information to permit browsingof said the encrypted file at the terminal; setting, in each of theplurality of viewers, the secret key to decrypt the encrypted file; andtransmitting to the terminal the encrypted file and the plurality ofviewers; and via the terminal, receiving from the image formingapparatus the encrypted file and the plurality of viewers transmitted;storing the encrypted file and the plurality of viewers received fromthe image forming apparatus; calculating a current position of theterminal using a Global Positioning System (‘GPS’) reception unitcomprising a receiver and an antenna; determining whether the positioninformation included in a viewer of the plurality of viewers receivedfrom the image forming apparatus and stored in the terminal coincideswith the current position of the terminal; reading the secret key of theviewer of the plurality of viewers received from the image formingapparatus and stored in the terminal; and decrypting the encrypted fileusing the secret key of the viewer of the plurality of viewers receivedfrom the image forming apparatus and stored in the terminal and causingthe decrypted file to be browsed, if the position information of theviewer of the plurality of viewers received from the image formingapparatus and stored in the terminal coincides with the current positionof the terminal, wherein the image forming apparatus is amultifunctional peripheral (‘MFP’).
 2. The method of claim 1, whereinthe position information included in each of the plurality of viewersreceived from the image forming apparatus and stored in terminal furtherincludes at least one of a browsing time, the number of permissibletimes of browsing, a permissible date of browsing, and a deadline ofbrowsing.
 3. A file browsing system that performs control of browsing ofa file, the system comprising: an image forming apparatus, wherein theimage forming apparatus is a multifunctional peripheral (‘MFP’); and aterminal, wherein, the image forming apparatus comprises: a firstcontrol unit formed by a central processing unit (‘CPU’), wherein thefirst control unit formed by the CPU includes: a user authenticationportion that determines whether a user of the image forming apparatus isan authorized user; and a document encryption portion that encrypts thefile of the authorized user with a public key; a non-transitoryrecording medium that stores a plurality of viewers for causing the fileto be browsed at the terminal, wherein: each of the plurality of viewersincludes position information to permit browsing of said encrypted fileand a secret key to decrypt the encrypted file, wherein the positioninformation is not included in the file; the position information ofeach of the plurality viewers includes, in accordance with an authorityof a user caused to browse at the terminal and a type of the viewer, anallowable position or an allowable position range, the plurality ofviewers including i) a first viewer for a cooperative company havingfirst position information, wherein the first position informationallows the file to be browsable only from a predefined location, ii) asecond viewer for a general partner having second position information,wherein the second position information allows the file to be browsablefrom any of a plurality of predefined locations, and iii) a third viewerfor a senior management employee having third position information,wherein the third position information allows the file to be browsablefrom any location; and the secret keys vary for each of the plurality ofviewers; a position information setting portion comprised by the firstcontrol unit that sets in each of the plurality of viewers, the positioninformation to permit browsing of the encrypted file at the terminal; asecret key setting portion comprised by the first control unit thatsets, in each of the plurality of viewers, the secret keys to decryptthe encrypted file; a network connection device for connecting the imageforming apparatus to a network; a file viewer transmission portioncomprised by the first control unit that uses the network connectiondevice to transmit to the terminal the encrypted file and the pluralityof viewers; and the terminal comprises: a second control unit thatexecutes programs using a hardware resource, wherein the second controlunit includes a file viewer acquisition portion that receives from theimage forming apparatus the encrypted file and the plurality of viewers;a storage device that stores the encrypted file and the plurality ofviewers received; and a Global Positioning System (‘GPS’) reception unitcomprising a receiver and an antenna for the GPS that calculates acurrent position of the terminal; wherein the second control unitfurther comprises a position information determination portion thatacquires the current position of the terminal by the GPS reception unit,and determine whether the position information included in a viewer ofthe plurality of viewers received from the image forming apparatus andstored in the storage device coincides with the current position of theterminal; and wherein the second control unit further comprises abrowsing execution portion that reads the secret key included in theviewer of the plurality of viewers received from the image formingapparatus and stored in the storage device, decrypts the encrypted fileusing the secret key included in the viewer of the plurality of viewersreceived from the image forming apparatus and stored in the storagedevice, and causes the file to be browsed, if the position informationdetermination portion has determined that the position informationincluded in the viewer of the plurality of viewers received from theimage forming apparatus and stored in the second storage devicecoincides with the current position of the terminal.
 4. The system ofclaim 3, wherein the position information included in each of theplurality of viewers stored in the non-transitory recording medium orthe storage device further includes at least one of a browsing time, thenumber of permissible times of browsing, a permissible date of browsing,and a deadline of browsing.
 5. An image forming apparatus for performingcontrol of browsing of a file by a terminal, comprising: a control unitformed by a central processing unit (‘CPU’), wherein the control unitformed by the CPU comprises: a user authentication portion thatdetermines whether a user of the image forming apparatus is anauthorized user; and a document encryption portion that encrypts saidfile with a public key; a non-transitory recording medium that stores aplurality of viewers for causing the file to be browsed at the terminal,wherein: each of the plurality of viewers includes position informationto permit browsing of said encrypted file and a secret key to decryptthe encrypted file, wherein the position information is not included inthe file; the position information of each of the plurality of viewersincludes, in accordance with an authority of a user caused to browse atthe terminal and a type of the viewer, an allowable position or anallowable position range, the plurality of viewers including i) a firstviewer for a cooperative company having first position information,wherein the first position information allows the file to be browsableonly from a predefined location, ii) a second viewer for a generalpartner having second position information, wherein the second positioninformation allows the file to be browsable from any of a plurality ofpredefined locations, and iii) a third viewer for a senior managementemployee having third position information, wherein the third positioninformation allows the file to be browsable from any location; and thesecret key of each of the plurality of viewers varies; a positioninformation setting portion comprised by the control unit that sets, ineach of the plurality of viewers, the position information to permitbrowsing of said encrypted file at said terminal; a secret key settingportion comprised by the control unit that sets, in each of theplurality of viewers, the secret keys to decrypt the encrypted file; anetwork connection device for connecting the image forming apparatus toa network; and a file viewer transmission portion comprised by thecontrol unit that uses the network connection device to transmit to theterminal the encrypted file and a viewer of the plurality of viewers;wherein the image forming apparatus is a multifunctional peripheral(‘MFP’).
 6. The image forming apparatus of claim 5, wherein the positioninformation further includes at least one of a browsing time, the numberof permissible times of browsing, a permissible date of browsing, and adeadline of browsing.
 7. The image forming apparatus of claim 5, whereinthe file viewer transmission portion transmits to the terminal theplurality of viewers.
 8. A terminal for browsing a file of an authorizeduser encrypted by an image forming apparatus, comprising: a control unitthat executes programs using a hardware resource, wherein the controlunit comprises a file viewer acquisition portion that receives from theimage forming apparatus the encrypted file and a plurality of viewers; astorage device that stores the encrypted file and the plurality ofviewers received, wherein: each of the plurality of viewers includesposition information to permit browsing of the file at the terminal anda secret key to decrypt the encrypted file set by the image formingapparatus, wherein the position information is not included in the file;the position information of each of the plurality of viewers stored inthe storage device includes, in accordance with an authority of a usercaused to browse at the terminal and a type of the viewer, an allowableposition or an allowable position range, the plurality of viewersincluding i) a first viewer for a cooperative company having firstposition information, wherein the first position information allows thefile to be browsable only from a predefined location, ii) a secondviewer for a general partner having second position information, whereinthe second position information allows the file to be browsable from anyof a plurality of predefined locations, and iii) a third viewer for asenior management employee having third position information, whereinthe third position information allows the file to be browsable from anylocation; and the secret keys stored in the storage device vary for eachof the plurality of viewers stored in the storage device; and a GlobalPositioning System (‘GPS’) reception unit comprising a receiver and anantenna for the GPS that calculates a current position of the terminal;wherein the control unit further comprises a position informationdetermination portion that acquires the current position of the terminalby the GPS reception unit, and determine whether the positioninformation included in a viewer of the plurality of viewers receivedfrom the image forming apparatus and stored in the storage devicecoincides with the current position of the terminal, wherein the controlunit further comprises a browsing execution portion that reads thesecret key included in a viewer of the plurality of viewers receivedfrom the image forming apparatus and stored in the storage device,decrypts the encrypted file using the secret key included in a viewer ofthe plurality of viewers received from the image forming apparatus andstored in the storage device, and causes the decrypted file to bebrowsed, if the position information determination portion hasdetermined that the position information included in the viewer andstored in the storage device coincides with the current position of theterminal, and wherein the image forming apparatus is a multifunctionalperipheral (‘MFP’).
 9. The terminal of claim 8, wherein the positioninformation included in each of the plurality of viewers received fromthe image forming apparatus and stored in the storage device furtherincludes at least one of a browsing time, the number of permissibletimes of browsing, a permissible date of browsing, and a deadline ofbrowsing.